archive:programming:hexearl
Welcome to the Adventures of Earl! ~~~~~~~ ~~ ~~~ ~~~~~~~~~~ ~~ ~~~~~
By Mike Graham
April 20th, 1991. 7:26
What can you do with patch editors? Lots of things. There are many uses of patch editors ranging from harmless to downright illegal. It would, for example, be illegal for you to patch command.com to say "HerbSoft HS-DOS ver 7.3", and hand it out to friends, because that infringes on MicroSoft's copyright, and although they sometimes seem to deserve it, it's still not something you should do. However, another (often useful) thing to do, is to patch command.com to change the error messages from, say, "File not found" to "File not here!", or "IT'S GONE!!!!!!!" (MicroSoft isn't exactly renowned for user-friendly error messages). Anything that you patch should NOT be distributed without the consent of the writer of the software. I.e. if you were to pop up the HexEdit executable in HexEdit and change my name to your name and distribute it in the hopes of getting some money from people registering, then I would hunt you down and flay the skin from your body with a potato peeler. But I digress. A patch editor is like a knife; some things can't be done without it, but it's easy to cut yourself with one. I provide this software as a TOOL. If you misuse that tool, I won't be held responsible. But, on a lighter side...
This document chronicles SuperHacker Earl's mangling of the fictional "Optima V" game. It is meant to illustrate one way to use HexEdit effectively.
Earl has a problem. Earl has been playing Optima V for almost a year now, and he just can't seem to get past one really viscous part of the game. Perhaps if he had a few thousand extra hit points?
Now, Earl knows that the character information regarding how many hit- points etc. he has in the game, must be stored in a file somewhere. Doing a directory of \OPTIMA, he doesn't see anything promising (like SAVEGAME.DAT or SAVE.GAM etc.) so he has to dig a bit deeper... Earl starts up the game, and saves his current progress. Dropping back to DOS, Earl does a directory looking for a file that has a modification date of just a few minutes ago... No dice. Sometimes game programmers adjust the date retroactively after updating the files. Hmmm.... Time for serious action. Using the ATTRIB utility that comes with DOS, Earl turns off the ARCHIVE attribute of all the files in the game directory, using the command "attrib -a c:\optima\*.*". This completed, he runs Optima again, saves again, and checks the attribute bytes of all of the Optima files with the command "attrib c:\optima\*.*". This lists all of the files, with attributes. Looking earnestly for an "A" in the attribute column, Earl finally spots his prey... OPT016.DAT is the save file. Figures it would be something with a meaningless file name.
Now that he has identified the save file, Earl pops it up in HexEdit: every superhacker's favorite patch editor.
Earl has written down all of the stats from his Optima campaign, so he is armed and dangerous... Earl knows that there are several ways to store numeric information in a file, including by value and by text representation. Nine times out of ten, a number is stored by value. Any number that can't be larger than 256 (such as a character's strength, intelligence, etc) will likely be stored in a single BYTE, whereas a number that has to escalate to the thousands (such as money and hit points) has to be stored in a WORD, which is two bytes linked together. Now, according to Earl's records, the current hit point value of his character is 1523. Popping up the base-conversion box in HexEdit, he finds that 1523 is the same as $05F3 in hexadecimal. One other thing that superhacker Earl knows is that WORD values are stored in files BACKWARDS. That's right, his hit points will show up as "F3 05", not "05 F3". So, it's a quick F9 to get to hex mode, a lightning fast F3 to search, and Earl pounds in "F3 05" to search. The search reveals 12 finds. Oh joy. Who wants to track down all 12 locations? Hmmm... It stands to reason that all of the stats for the character would be in the same area of the file, so maybe we can find some of the other stats... What was that value for "Magic Points" again? 1973... That's $07B5, which means we should look for "B5 07". Earl tries a search for that series. Two matches! Wonderful. Scanning the screen with a practiced eye, Earl doesn't see "F3 05" anywhere around the first find location, so he jumps to the next find location, with a mighty ALT-N, and lo and behold, there is an "F3 05" right nearby. Well, Earl isn't doing this for the sheer thrill, so he quickly decided how many hit points he'd like "How about 5000?" That's $1388 in hex, so he replaces "F3 05" with "88 13" (backwards, remember?). Anyway, Earl exits HexEdit (and saves the UNDO log in case (though highly unlikely) he's wrong.
Popping up Optima V finds a super-powerful character, and a happy Earl. Now if he could just find where the "gold pieces" value is stored...
Once you have deciphered a game's save file, it's easy to write a small program that will allow you to edit your characters and modify info in a much more user-friendly way.
- 2 -
Contacting the Author ~~~~~~~~~~ ~~~ ~~~~~~ I can be reached by mail at the following address:
Michael A. Graham
Box 60036
U of A Postal Outlet
Edmonton, AB
Canada, T6G 2S4
Or I can be contacted on InterNet as "michael_graham@mts.ucs.ualberta.ca". (if that doesn't work, substitute "MGRM" for michael_graham.
I can be contacted on the McNamara Software BBS in Edmonton, Alberta, (403)433-8375, as "Mike Graham" and am also available under the same name at The Keep BBS, also in Edmonton, (403)437-1428. The latest version of HexEdit and all of my other PD and Freeware programming efforts will always be available on these two BBS's. Feel free to contact me if you have suggestions for improvements, or (perish the thought!) a bug report.
- 3 -
/home/gen.uk/domains/wiki.gen.uk/public_html/data/pages/archive/programming/hexearl.txt · Last modified: 2001/09/20 03:33 by 127.0.0.1